Reading Room

Getting Started/InfoSec

The DShield/Internet Storm Center (ISC) Webhoneypot is a new project from DShield--a distributed intrusion detection system--that extends its logging capabilities from layer 3 and 4 network traffic further up the OSI layers to help study application layer attacks.

Going from technical guru to Information Security Manager can be a bigger step than you might think. Taking on the role of IT Security Officer in an enterprise that treats information security as an IT problem can offer many challenges and many opportunities to learn.

This paper defines the fundamentals of 802.1x authentication, explains how the authentication process works in 802.1x, and provides the detailed steps to implement 802.1x in a switched LAN environment using Cisco's Implementation of 802.1x.

This paper puts forth a secure perimeter network design for the fictional company GIAC Enterprises, which is in the business of brokering fortune cookie sayings. The paper consists of three assignments and is completed in fulfillment of the requirements of a practical exam for the GIAC Certified Firewall Analysis Certification.

The task of designing a secure infrastructure for IIS 5.0 web servers within a DMZ is difficult enough. Securing an existing DMZ becomes exponentially more difficult due to the added requirement of retrofitting those currently working servers with more appropriate security settings, policies and operational procedures while not adversely affecting website or application availability and keep costs to a minimum throughout the process.

This paper discusses Computer Security as an ongoing journey, not simply a destination and outlines a flexible security framework that manages "pockets of chaos" to better help organizations achieve their security goals.

This paper discusses the defense building blocks used by NASA which include increasing network capabilities, continued examination of network capabilities, assessment of new technologies and tools, increased security awareness for NASA non-security professionals, and training of the Mission Network security team members.

Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact webmaster@sans.org.

All papers are copyrighted. No re-posting or distribution of papers is permitted.